Microsoft IIS repost.asp File Upload
High Nessus Plugin ID 10372
SynopsisThe remote web server supports arbitrary file uploads.
DescriptionThe script '/scripts/repost.asp' is installed on the remote IIS web server and allows an attacker to upload arbitrary files to the '/Users' directory if it has not been configured properly.
SolutionCreate the '/Users' directory if necessary and ensure that the Anonymous Internet Account ('IUSER_MACHINE') only has read access to it.